As smartphones become an everyday aspect of life, the apps we use help us do things better, simpler and faster. But as a new report shows, those exact same apps may just be making things easier for cybercriminals too.
License: Creative Commons
The June 2013 Mobile Security: McAfee Consumer Trends Report revealed a number of interesting points, showing how free apps are able to invade phones by sneaky permission settings. While adware is of course a known risk, the McAfee report noted that 26% of apps are very likely worse than adware – sms scams and many others have also been bundled in with free apps.
What apps are most likely to be infected? Apparently games are most targeted, followed closely by personalisation apps such as wallpapers; music apps, lifestyle apps and TV apps.
Luis Blando, McAfee VP of mobile product development says, "Most consumers don’t understand or even worry about the app permissions they agree to. Because of that, cybercriminals are increasingly abusing app permissions as an efficient way to deliver mobile malware. Through these agreements mobile consumers are willingly putting their personal information into the hands of criminals disguised as ad networks, and opening up endless doors for scammers.”
Skype App Also Posing Risks?
If by now you’re feeling safe and smug, you will want to read this before feeling too comfortable. An Android developer known as ‘Pulser’ had some rather interesting things to say about Skype on the Full Disclosure security forum recently.
According to this developer, there may be a way that Skype for Android is able to get past the lock screen. Although it may still be pure speculation, this potential security glitch may be cause for even more concern.
"The Skype for Android application appears to have a bug which permits the Android inbuilt lockscreen (ie. pattern, PIN, password) to be bypassed relatively easily, if the device is logged into Skype, and the 'attacker' is able to call the 'victim' on Skype,” says Pulser on the forum post.
Watching Out For Sneaky Mobile Apps
Like it or not, the applications we use on our phones put us at risk - just as the tools we use on our computers do. You can’t completely take out any remote chance of viruses or other threats, but you can at least put some basic steps in place to improve your security on your smartphone.
Try these simple tips for preventing attacked posed by sneaky apps…
• Always read app permissions before hitting download. If you see any that require permission to access your calls, contacts or other features that should not be required by the type of app in question, do not download.
• Do a proper clean up every few months to remove apps you no longer use. Those fun, quirky apps you downloaded for a laugh last year has served its purpose, and is just taking up memory if you don’t use it.
• Be aware of updates before installing them. Even apps that seem legit on the surface may not be entirely safe on a long-term basis. Some even trick users into adding 5 star reviews, in order to appear safer to new users.
• If you are ever unsure, take the time to do a quick Google search on the app you want to add. In many cases, you can spot a dodgy app in the search results quickly, or you can see if anyone has anything else to say about it before downloading.
• Check your app permission settings. It’s also good to remember that many apps are added in a sneaky way - you may authorise a certain app when using a news reader for instance, or you may click on something without realising it’s an application. Check your general permission settings so that you don’t add something nasty without realising.
If you put a little more thought into the app browsing and downloading process, you will be able to reduce security risks notably. The less risk there is, the more you can enjoy better quality apps that don’t turn your phone into a lean, mean, virus-ridden machine.
Craig Daitz is owner of SMARTlab mobile phone repairs and also contributes to the SMARTlab Blog with tips & tricks for all smartphone users . Connect on Facebook & Twitter.